Weekly Vulnerabilities Reports > May 25 to 31, 2015
Overview
111 new vulnerabilities reported during this period, including 14 critical vulnerabilities and 24 high severity vulnerabilities. This weekly summary report vulnerabilities in 133 products from 46 vendors including IBM, Cisco, HP, Arubanetworks, and Blue Coat. Vulnerabilities are notably categorized as "Cross-site Scripting", "Information Exposure", "Resource Management Errors", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "SQL Injection".
- 102 reported vulnerabilities are remotely exploitables.
- 12 reported vulnerabilities have public exploit available.
- 35 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 77 reported vulnerabilities are exploitable by an anonymous user.
- IBM has the most reported vulnerabilities, with 29 reported vulnerabilities.
- IBM has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
14 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-05-31 | CVE-2015-3292 | Netapp | Code vulnerability in Netapp Oncommand Workflow Automation 2.2.1/3.0 The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2015-05-29 | CVE-2015-4067 | Dell | Numeric Errors vulnerability in Dell Netvault Backup 10.0.5 Integer overflow in the libnv6 module in Dell NetVault Backup before 10.0.5 allows remote attackers to execute arbitrary code via crafted template string specifiers in a serialized object, which triggers a heap-based buffer overflow. | 10.0 |
2015-05-29 | CVE-2015-4060 | Wavelink | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wavelink Connectpro Heap-based buffer overflow in the TermProxy (WLTermProxyService.exe) service in Wavelink ConnectPro allows remote attackers to execute arbitrary code via a large HTTP header. | 10.0 |
2015-05-29 | CVE-2015-4059 | Wavelink | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wavelink Terminal Emulation Heap-based buffer overflow in the License Server (LicenseServer.exe) in Wavelink Terminal Emulation (TE) allows remote attackers to execute arbitrary code via a large HTTP header. | 10.0 |
2015-05-29 | CVE-2015-4032 | Visual Mining | Permissions, Privileges, and Access Controls vulnerability in Visual Mining Netcharts Server projectContents.jsp in the Developer tools in Visual Mining NetCharts Server allows remote attackers to rename arbitrary files, and consequently execute them, via unspecified vectors. | 10.0 |
2015-05-29 | CVE-2015-4031 | Visualmining | Path Traversal vulnerability in Visualmining Netcharts Server Directory traversal vulnerability in saveFile.jsp in the development installation in Visual Mining NetChart allows remote attackers to write to arbitrary files via unspecified vectors. | 10.0 |
2015-05-25 | CVE-2015-2110 | HP | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP Loadrunner 11.52 Buffer overflow in HP LoadRunner 11.52 allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2015-05-25 | CVE-2015-1896 | IBM | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Tivoli Storage Manager Fastback Stack-based buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2015-05-29 | CVE-2015-4068 | Arcserve | Path Traversal vulnerability in Arcserve UDP 5.0 Directory traversal vulnerability in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive information or cause a denial of service via a crafted file path to the (1) reportFileServlet or (2) exportServlet servlet. | 9.1 |
2015-05-28 | CVE-2015-1550 | Arubanetworks | Path Traversal vulnerability in Arubanetworks Clearpass Policy Manager Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote administrators to execute arbitrary files via unspecified vectors. | 9.0 |
2015-05-28 | CVE-2014-6628 | Arubanetworks | Remote Code Execution vulnerability in Aruba Networks ClearPass Policy Manager Aruba Networks ClearPass Policy Manager (CPPM) before 6.5.0 allows remote administrators to execute arbitrary code via unspecified vectors. | 9.0 |
2015-05-25 | CVE-2015-2123 | HP | Privilege Escalation vulnerability in HP NonStop Safeguard Security Software Unspecified vulnerability in HP NonStop Safeguard Security Software H06.x, L15.02, and J06.x before J06.19 allows remote authenticated users to gain privileges by leveraging Expand access. | 9.0 |
2015-05-25 | CVE-2015-0160 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Security Siteprotector System IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to execute arbitrary commands with SYSTEM privileges via unspecified vectors. | 9.0 |
2015-05-25 | CVE-2015-0713 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco products The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855. | 9.0 |
24 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-05-25 | CVE-2015-2120 | HP | Remote Privilege Escalation vulnerability in HP Sitescope 11.13/11.24.391/11.30.521 Unspecified vulnerability in HP SiteScope 11.1x before 11.13, 11.2x before 11.24.391, and 11.3x before 11.30.521 allows remote authenticated users to gain privileges via unknown vectors, aka ZDI-CAN-2567. | 8.7 |
2015-05-25 | CVE-2014-2174 | Cisco | Improper Access Control vulnerability in Cisco Telepresence TC Software and Telepresence TE Software Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651. | 8.3 |
2015-05-30 | CVE-2015-0744 | Cisco | Resource Management Errors vulnerability in Cisco products Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release allow remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood or (2) another type of TCP traffic flood, aka Bug IDs CSCus50642, CSCus50662, CSCus50625, CSCus50657, and CSCus68315. | 7.8 |
2015-05-29 | CVE-2015-4069 | Arcserve | Information Exposure vulnerability in Arcserve Unified Data Protection The EdgeServiceImpl web service in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive credentials via a crafted SOAP request to the (1) getBackupPolicy or (2) getBackupPolicies method. | 7.8 |
2015-05-29 | CVE-2015-4047 | Ipsec Tools Canonical Fedoraproject F5 Debian | NULL Pointer Dereference vulnerability in multiple products racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests. | 7.8 |
2015-05-29 | CVE-2015-0847 | Canonical Wouter Verhelst | Code vulnerability in multiple products nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors. | 7.8 |
2015-05-29 | CVE-2015-0751 | Cisco | Improper Input Validation vulnerability in Cisco Unified Communications Manager 10.3(1) Cisco IP Phone 7861, when firmware from Cisco Unified Communications Manager 10.3(1) is used, allows remote attackers to cause a denial of service via crafted packets, aka Bug ID CSCus81800. | 7.8 |
2015-05-29 | CVE-2013-7441 | Wouter Verhelst | Resource Management Errors vulnerability in Wouter Verhelst NBD The modern style negotiation in Network Block Device (nbd-server) 2.9.22 through 3.3 allows remote attackers to cause a denial of service (root process termination) by (1) closing the connection during negotiation or (2) specifying a name for a non-existent export. | 7.8 |
2015-05-28 | CVE-2015-1157 | Apple | Code vulnerability in Apple Iphone OS, Itunes and mac OS X CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2) a WhatsApp message. | 7.8 |
2015-05-25 | CVE-2015-2121 | HP | Information Exposure vulnerability in HP Network Virtualization 11.52/8.61 HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the (1) HttpServlet or (2) NetworkEditorController component, aka ZDI-CAN-2569. | 7.8 |
2015-05-25 | CVE-2015-2122 | HP | Resource Management Errors vulnerability in HP SDN VAN Controller The REST layer on HP SDN VAN Controller devices 2.5 and earlier allows remote attackers to cause a denial of service via network traffic to the REST port. | 7.8 |
2015-05-25 | CVE-2015-1899 | IBM | Resource Management Errors vulnerability in IBM Websphere Portal 8.5.0.0 IBM WebSphere Portal 8.5 through CF05 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | 7.8 |
2015-05-25 | CVE-2015-0722 | Cisco | Resource Management Errors vulnerability in Cisco Telepresence TC Software and Telepresence TE Software The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952. | 7.8 |
2015-05-30 | CVE-2015-1937 | IBM | Improper Access Control vulnerability in IBM Powervc IBM PowerVC 1.2.0.x through 1.2.0.4, 1.2.1.x through 1.2.1.2, and 1.2.2.x through 1.2.2.2 does not require authentication for the ceilometer NoSQL database, which allows remote attackers to read or write to arbitrary database records, and consequently obtain administrator privileges, via a session on port 27017. | 7.5 |
2015-05-29 | CVE-2015-0754 | Cisco | Improper Input Validation vulnerability in Cisco Finesse 10.5(1)Base Cisco Finesse 10.5(1) allows remote authenticated users to obtain sensitive information or cause a denial of service (CPU and memory consumption) via a crafted XML document, aka Bug ID CSCut95810. | 7.5 |
2015-05-29 | CVE-2015-4137 | Milw0Rm Project | SQL Injection vulnerability in Milw0Rm Project Milw0Rm Clone Script 1.0 SQL injection vulnerability in related.php in Milw0rm Clone Script 1.0 allows remote attackers to execute arbitrary SQL commands via the program parameter. | 7.5 |
2015-05-28 | CVE-2015-4133 | Reflex Gallery Project | Unspecified vulnerability in Reflex Gallery Project Reflex Gallery Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in uploads/ directory. | 7.5 |
2015-05-26 | CVE-2015-0986 | Moxa | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Moxa Vport Activex SDK Plus Multiple stack-based buffer overflows in Moxa VPort ActiveX SDK Plus before 2.8 allow remote attackers to insert assembly-code lines via vectors involving a regkey (1) set or (2) get command. | 7.5 |
2015-05-26 | CVE-2015-4092 | SAP | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Afaria 7.0.6620.2 Buffer overflow in the XComms process in SAP Afaria 7.00.6620.2 SP5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request, aka SAP Security Note 2153690. | 7.5 |
2015-05-26 | CVE-2015-4091 | SAP | XML External Entity Injection vulnerability in SAP Netweaver Application Server Java 7.4 XML external entity (XXE) vulnerability in SAP NetWeaver AS Java 7.4 allows remote attackers to send TCP requests to intranet servers or possibly have unspecified other impact via an XML request to tc~sld~wd~main/Main, related to "CIM UPLOAD," aka SAP Security Note 2090851. | 7.5 |
2015-05-25 | CVE-2014-8146 | Apple ICU Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text. | 7.5 |
2015-05-25 | CVE-2015-0935 | Bomgar | Code Injection vulnerability in Bomgar Remote Support Bomgar Remote Support before 15.1.1 allows remote attackers to execute arbitrary PHP code via crafted serialized data to unspecified PHP scripts. | 7.5 |
2015-05-25 | CVE-2015-2945 | H FJ | Code Injection vulnerability in H-Fj Mt-PHPincgi mt-phpincgi.php in Hajime Fujimoto mt-phpincgi before 2015-05-15 does not properly restrict URLs, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted request, as exploited in the wild in May 2015. | 7.5 |
2015-05-25 | CVE-2015-0120 | IBM | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Tivoli Storage Manager Fastback Buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 has unspecified impact and remote attack vectors. | 7.5 |
62 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-05-31 | CVE-2015-3939 | IDS | Path Traversal vulnerability in IDS Nc854 and Nc856 Directory traversal vulnerability in the NC854 and NC856 modules for IDS RTU 850C devices allows remote authenticated users to read arbitrary files via unspecified vectors involving an internal web server, as demonstrated by reading a TELNET credentials file. | 6.8 |
2015-05-30 | CVE-2015-2853 | Blue Coat | SSL Visibility Appliances Multiple Security vulnerability in Blue Coat Session fixation vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack web sessions by providing a session ID. | 6.8 |
2015-05-30 | CVE-2015-2851 | Synology Apple | Permissions, Privileges, and Access Controls vulnerability in Synology Cloud Station client_chown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by specifying a filename. | 6.8 |
2015-05-29 | CVE-2015-0755 | Cisco | Improper Access Control vulnerability in Cisco Anyconnect Secure Mobility Client 4.0(64) The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secure Mobility Client 4.0(64), allows local users to gain privileges via unspecified commands, aka Bug ID CSCut05797. | 6.8 |
2015-05-29 | CVE-2015-0753 | Cisco | Improper Input Validation vulnerability in Cisco Unified web and E-Mail Interaction Manager 9.0(2) SQL injection vulnerability in Cisco Unified Email Interaction Manager (EIM) and Unified Web Interaction Manager (WIM) 9.0(2) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028. | 6.8 |
2015-05-26 | CVE-2015-3902 | Phpmyadmin | Cross-Site Request Forgery (CSRF) vulnerability in PHPmyadmin Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configuration file. | 6.8 |
2015-05-25 | CVE-2015-2946 | OCF | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OCF SXF Common Library Stack-based buffer overflow in the Open CAD Format Council SXF common library before 3.30 allows remote attackers to execute arbitrary code via a crafted CAD file. | 6.8 |
2015-05-25 | CVE-2015-0140 | IBM | ActiveX Control Remote Code Execution vulnerability in IBM Spss Statistics 22.0 An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 on 32-bit platforms allows remote attackers to execute arbitrary code via a crafted HTML document. | 6.8 |
2015-05-25 | CVE-2014-4774 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Endpoint Manager Family and License Metric Tool Cross-site request forgery (CSRF) vulnerability in the login page in IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 allows remote attackers to hijack the authentication of arbitrary users via vectors involving a FRAME element. | 6.8 |
2015-05-25 | CVE-2015-1894 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Optim Workload Replay 2.1/2.1.0.1/2.1.0.2 Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Optim Workload Replay 2.x before 2.1.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 6.8 |
2015-05-28 | CVE-2015-1392 | Arubanetworks | SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager Multiple SQL injection vulnerabilities in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allow remote administrators to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2015-05-27 | CVE-2015-4066 | Gigpress | SQL Injection vulnerability in Gigpress 2.3.8 Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) show_artist_id or (2) show_venue_id parameter in an add action in the gigpress.php page to wp-admin/admin.php. | 6.5 |
2015-05-27 | CVE-2015-4064 | Landing Pages Project | SQL Injection vulnerability in Landing Pages Project Landing Pages 1.8.4 SQL injection vulnerability in modules/module.ab-testing.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the post parameter in an edit delete-variation action to wp-admin/post.php. | 6.5 |
2015-05-27 | CVE-2015-4062 | Newstatpress Project | SQL Injection vulnerability in Newstatpress Project Newstatpress SQL injection vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1 parameter in the nsp_search page to wp-admin/admin.php. | 6.5 |
2015-05-26 | CVE-2015-1013 | Osisoft | SQL Injection vulnerability in Osisoft PI Server and PI SQL FOR AF OSIsoft PI AF 2.6 and 2.7 and PI SQL for AF 2.1.2.19 do not ensure that the PI SQL (AF) Trusted Users group lacks the Everyone account, which allows remote authenticated users to bypass intended command restrictions via SQL statements. | 6.5 |
2015-05-26 | CVE-2015-1008 | Emerson | SQL Injection vulnerability in Emerson AMS Device Manager SQL injection vulnerability in Emerson AMS Device Manager before 13 allows remote authenticated users to gain privileges via malformed input. | 6.5 |
2015-05-25 | CVE-2015-0540 | EMC | SQL Injection vulnerability in EMC Document Sciences Xpression 4.2/4.5 SQL injection vulnerability in the xAdmin interface in EMC Document Sciences xPression 4.2 before P44 and 4.5 SP1 before P03 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2015-05-25 | CVE-2015-0161 | IBM | SQL Injection vulnerability in IBM Security Siteprotector System SQL injection vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2015-05-29 | CVE-2015-1833 | Apache | Improper Input Validation vulnerability in Apache Jackrabbit XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request. | 6.4 |
2015-05-25 | CVE-2015-1921 | IBM | Open Redirection vulnerability in IBM Websphere Portal 8.0.0.0/8.0.0.1/8.5.0.0 Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. | 6.4 |
2015-05-29 | CVE-2015-0756 | Cisco | Improper Input Validation vulnerability in Cisco Wireless LAN Controller 7.4(1.1) Cisco Wireless LAN Controller (WLC) devices with software 7.4(1.1) allow remote attackers to cause a denial of service (wireless-networking outage) via crafted TCP traffic on the local network, aka Bug ID CSCug67104. | 6.1 |
2015-05-28 | CVE-2015-4134 | Phpwind | Cross-Site Scripting and Open Redirection vulnerability in PHPwind 8.7 Open redirect vulnerability in goto.php in phpwind 8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. | 5.8 |
2015-05-25 | CVE-2015-2694 | MIT | Permissions, Privileges, and Access Controls vulnerability in MIT Kerberos 5 The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an intended preauthentication requirement by providing (1) zero bytes of data or (2) an arbitrary realm name, related to plugins/preauth/otp/main.c and plugins/preauth/pkinit/pkinit_srv.c. | 5.8 |
2015-05-25 | CVE-2015-0180 | IBM | Improper Access Control vulnerability in IBM Infosphere Information Server The Connector Migration Tool in IBM InfoSphere Information Server 8.1 through 11.3 allows remote authenticated users to bypass intended restrictions on job creation and modification via unspecified vectors. | 5.5 |
2015-05-25 | CVE-2015-0171 | IBM | Path Traversal vulnerability in IBM Security Siteprotector System Directory traversal vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to write to arbitrary files via unspecified vectors. | 5.5 |
2015-05-30 | CVE-2015-0745 | Cisco | Information Exposure vulnerability in Cisco products Cisco Headend System Release allows remote attackers to read temporary script files or archive files, and consequently obtain sensitive information, via a crafted header in an HTTP request, aka Bug ID CSCus44909. | 5.0 |
2015-05-30 | CVE-2015-0743 | Cisco | Resource Management Errors vulnerability in Cisco products Cisco Headend System Release allows remote attackers to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097. | 5.0 |
2015-05-29 | CVE-2015-0757 | Cisco | Information Exposure vulnerability in Cisco Identity Services Engine Software 1.2(1.901)/1.3(0.722) The web framework in Cisco Identity Services Engine (ISE) 1.2(1.901) and 1.3(0.722) does not properly implement session handlers, which allows remote attackers to obtain sensitive information by reading web pages, as demonstrated by MnT reports, aka Bug ID CSCuq23140. | 5.0 |
2015-05-25 | CVE-2014-8927 | IBM | Resource Management Errors vulnerability in IBM products Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of service (CPU consumption or application crash) via a crafted XML query, a different vulnerability than CVE-2014-8926. | 5.0 |
2015-05-25 | CVE-2014-8926 | IBM | Resource Management Errors vulnerability in IBM products Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of service (CPU consumption or application crash) via a crafted XML query, a different vulnerability than CVE-2014-8927. | 5.0 |
2015-05-25 | CVE-2014-6190 | IBM | Information Exposure vulnerability in IBM Workload Deployer The log viewer in IBM Workload Deployer 3.1 before 3.1.0.7 allows remote attackers to obtain sensitive information via a direct request for the URL of a log document. | 5.0 |
2015-05-25 | CVE-2015-1909 | IBM | Information Exposure vulnerability in IBM Infosphere Master Data Management Server The XML parser in the Reference Data Management component in the server in IBM InfoSphere Master Data Management (MDM) 10.1 before IF1, 11.0 before FP3, 11.3, and 11.4 before FP2 allows remote attackers to read arbitrary files, and consequently obtain administrative access, via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 5.0 |
2015-05-25 | CVE-2015-1895 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Optim Workload Replay 2.1/2.1.0.1/2.1.0.2 IBM InfoSphere Optim Workload Replay 2.x before 2.1.0.3 relies on client-side code to verify authorization, which allows remote attackers to bypass intended access restrictions by modifying the client behavior. | 5.0 |
2015-05-31 | CVE-2015-1010 | Rockwellautomation | Cryptographic Issues vulnerability in Rockwellautomation Rsview32 Rockwell Automation RSView32 7.60.00 (aka CPR9 SR4) and earlier does not properly encrypt credentials, which allows local users to obtain sensitive information by reading a file and conducting a decryption attack. | 4.9 |
2015-05-27 | CVE-2015-3332 | Debian Linux | Resource Management Errors vulnerability in multiple products A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds. | 4.9 |
2015-05-31 | CVE-2015-2949 | Zenphoto | Cross-site Scripting vulnerability in Zenphoto Cross-site scripting (XSS) vulnerability in ZenPhoto20 1.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-05-31 | CVE-2015-2948 | Zenphoto | Cross-site Scripting vulnerability in Zenphoto Cross-site scripting (XSS) vulnerability in the image processor in Zenphoto before 1.4.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-05-30 | CVE-2015-4138 | Blue Coat | Information Exposure vulnerability in Blue Coat products The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not include the HTTPOnly flag in a Set-Cookie header for the administrator's cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, a different vulnerability than CVE-2015-2855. | 4.3 |
2015-05-30 | CVE-2015-2855 | Blue Coat | Information Exposure vulnerability in Blue Coat products The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not set the secure flag for the administrator's cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session, a different vulnerability than CVE-2015-4138. | 4.3 |
2015-05-30 | CVE-2015-2854 | Blue Coat | Improper Input Validation vulnerability in Blue Coat products The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via vectors involving an IFRAME element. | 4.3 |
2015-05-30 | CVE-2015-2852 | Blue Coat | Cross-Site Request Forgery (CSRF) vulnerability in Blue Coat products Cross-site request forgery (CSRF) vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack the authentication of administrators. | 4.3 |
2015-05-30 | CVE-2015-0747 | Cisco | Improper Input Validation vulnerability in Cisco products Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408. | 4.3 |
2015-05-30 | CVE-2015-0733 | Cisco | HTTP Response Splitting vulnerability in Cisco Headend Digital Broadband Delivery System CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks, via a crafted request, aka Bug ID CSCur25580. | 4.3 |
2015-05-29 | CVE-2015-0752 | Cisco | Cross-site Scripting vulnerability in Cisco Telepresence Video Communication Server X8.5.1 Cross-site scripting (XSS) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut27635. | 4.3 |
2015-05-29 | CVE-2015-3904 | Roomcloud | Cross-site Scripting vulnerability in Roomcloud 1.0/1.1 Multiple cross-site scripting (XSS) vulnerabilities in roomcloud.php in the Roomcloud plugin before 1.3 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) pin, (2) start_day, (3) start_month, (4) start_year, (5) end_day, (6) end_month, (7) end_year, (8) lang, (9) adults, or (10) children parameter. | 4.3 |
2015-05-28 | CVE-2015-4135 | Phpwind | Cross-site Scripting vulnerability in PHPwind 8.7 Cross-site scripting (XSS) vulnerability in goto.php in phpwind 8.7 allows remote attackers to inject arbitrary web script or HTML via the url parameter. | 4.3 |
2015-05-28 | CVE-2015-4127 | Church Admin Project | Cross-site Scripting vulnerability in Church Admin Project Church Admin Cross-site scripting (XSS) vulnerability in the church_admin plugin before 0.810 for WordPress allows remote attackers to inject arbitrary web script or HTML via the address parameter, as demonstrated by a request to index.php/2015/05/21/church_admin-registration-form/. | 4.3 |
2015-05-28 | CVE-2015-4084 | Free Counter | Cross-site Scripting vulnerability in Free-Counter Free Counter 1.1 Cross-site scripting (XSS) vulnerability in the Free Counter plugin 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the value_ parameter in a check_stat action to wp-admin/admin-ajax.php. | 4.3 |
2015-05-28 | CVE-2015-3165 | Canonical Debian Apple Postgresql | Remote Denial Of Service vulnerability in PostgreSQL Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence. | 4.3 |
2015-05-28 | CVE-2015-1389 | Arubanetworks | Cross-site Scripting vulnerability in Arubanetworks Clearpass Policy Manager Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote attackers to inject arbitrary web script or HTML via the username parameter to tips/tipsLoginSubmit.action. | 4.3 |
2015-05-26 | CVE-2015-3903 | Phpmyadmin | Cryptographic Issues vulnerability in PHPmyadmin libraries/Config.class.php in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 disables X.509 certificate verification for GitHub API calls over SSL, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 4.3 |
2015-05-25 | CVE-2015-0962 | Barracuda | Source Code vulnerability in Barracuda web Filter Barracuda Web Filter 7.x and 8.x before 8.1.0.005, when SSL Inspection is enabled, uses the same root Certification Authority certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship. | 4.3 |
2015-05-25 | CVE-2015-0961 | Barracuda | Unspecified vulnerability in Barracuda web Filter Barracuda Web Filter before 8.1.0.005, when SSL Inspection is enabled, does not verify X.509 certificates from upstream SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 4.3 |
2015-05-25 | CVE-2014-4778 | IBM | Improper Input Validation vulnerability in IBM Endpoint Manager Family and License Metric Tool IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 do not send an X-Frame-Options HTTP header in response to requests for the login page, which allows remote attackers to conduct clickjacking attacks via vectors involving a FRAME element. | 4.3 |
2015-05-25 | CVE-2015-1915 | IBM | Information Exposure vulnerability in IBM Endpoint Manager Family 9.0.1/9.1.0 The Endpoint Manager for Remote Control component in IBM Tivoli Endpoint Manager for Lifecycle Management 9.0.1 before IF6 and 9.1.0 before IF6 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | 4.3 |
2015-05-25 | CVE-2015-1911 | IBM | Cross-site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in Sterling Order Management 8.5 before HF113, Sterling Selling and Fulfillment Foundation 9.0.0 before FP92, and Sterling Field Sales (SFS) 9.0 before HF7 in IBM Sterling Selling and Fulfillment Suite allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
2015-05-30 | CVE-2015-0758 | Cisco | Information Exposure vulnerability in Cisco Unified Meetingplace 8.6(1.9) The web-based user interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCus97452. | 4.0 |
2015-05-29 | CVE-2015-3995 | SAP | Information Exposure vulnerability in SAP Hana 1.00.73.00.389160 SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to read arbitrary files via an IMPORT FROM SQL statement, aka SAP Security Note 2109565. | 4.0 |
2015-05-29 | CVE-2015-3994 | SAP | Improper Input Validation vulnerability in SAP Hana 1.00.73.00.389160 The grant.xsfunc application in testApps/grantAccess/ in the XS Engine in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to spoof log entries via a crafted request, aka SAP Security Note 2109818. | 4.0 |
2015-05-28 | CVE-2015-1551 | Arubanetworks | Permissions, Privileges, and Access Controls vulnerability in Arubanetworks Clearpass Policy Manager Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.4 allows remote administrators to read arbitrary files via unspecified vectors. | 4.0 |
2015-05-25 | CVE-2015-2118 | HP | Unauthorized Access vulnerability in HP Access Control Software Unspecified vulnerability in the Secure Pull Print and Security Pull Print components in HP Access Control (AC) Software 12.x through 14.x before 14.1.2 allows remote authenticated users to obtain sensitive information via unknown vectors. | 4.0 |
2015-05-25 | CVE-2015-0169 | IBM | Injection vulnerability in IBM Security Siteprotector System IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to inject arguments via unspecified vectors. | 4.0 |
11 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-05-30 | CVE-2015-0121 | IBM | Local Privilege Escalation vulnerability in IBM products IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS Next Generation (RDNG) 4.0 through 4.0.7 and 5.0 through 5.0.2, when LTPA single sign on is used with WebSphere Application Server, do not terminate a Requirements Management (RM) session upon LTPA token expiration, which allows remote attackers to obtain access by leveraging an unattended workstation. | 3.7 |
2015-05-30 | CVE-2015-0193 | IBM | Cross-site Scripting vulnerability in IBM Business Process Manager and Websphere Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2.x through 7.2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL that triggers an error condition. | 3.5 |
2015-05-28 | CVE-2015-4132 | Arubanetworks | Cross-site Scripting vulnerability in Arubanetworks Clearpass Policy Manager Multiple cross-site scripting (XSS) vulnerabilities in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allow remote administrators to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2015-05-27 | CVE-2015-4065 | Landing Pages Project | Cross-site Scripting vulnerability in Landing Pages Project Landing Pages 1.8.4 Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the post parameter to wp-admin/post-new.php. | 3.5 |
2015-05-27 | CVE-2015-4063 | Newstatpress Project | Cross-site Scripting vulnerability in Newstatpress Project Newstatpress Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the where1 parameter in the nsp_search page to wp-admin/admin.php. | 3.5 |
2015-05-25 | CVE-2015-0168 | IBM | Cross-site Scripting vulnerability in IBM Security Siteprotector System Cross-site scripting (XSS) vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2015-05-25 | CVE-2015-0156 | IBM | Cross-site Scripting vulnerability in IBM Business Process Manager and Websphere Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.6.0 and WebSphere Lombardi Edition (WLE) 7.2.x through 7.2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2015-05-25 | CVE-2014-6192 | IBM | Cross-site Scripting vulnerability in IBM Curam Social Program Management Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5 iFix10, 6.0.5 before 6.0.5.6, and 6.0.5.5a before 6.0.5.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2015-05-25 | CVE-2015-1910 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Master Data Management Server 10.1/11.0/11.3 Cross-site scripting (XSS) vulnerability in the Reference Data Management component in the server in IBM InfoSphere Master Data Management (MDM) 10.1 before IF1, 11.0 before FP3, and 11.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2015-05-29 | CVE-2015-0200 | IBM | Information Exposure vulnerability in IBM Websphere Commerce IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x before 7.0.0.8 IF2 allows local users to obtain sensitive database information via unspecified vectors. | 2.1 |
2015-05-25 | CVE-2015-0170 | IBM | Information Exposure vulnerability in IBM Security Siteprotector System IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows local users to obtain sensitive information by reading cached data. | 2.1 |